Vulnerabilities and security researches foratarim-visual-collaboration atarim-visual-collaboration

Direction: ascending

Jun 07, 2024

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2023-47544

CVE, Research URL: CVE-2023-47544
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Nov 15, 2023
Research Description: Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.12 versions.
Affected versions: max 3.13.
Status: vulnerable

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-2793

CVE, Research URL: CVE-2024-2793
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: May 31, 2024
Research Description: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to Stored Cross-Site Scripting via comments in all versions up to, and including, 3.30 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: max 3.31.
Status: vulnerable

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2023-37393

CVE, Research URL: CVE-2023-37393
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Sep 04, 2023
Research Description: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.
Affected versions: max 3.9.4.
Status: vulnerable

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-2038

CVE, Research URL: CVE-2024-2038
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: May 23, 2024
Research Description: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible for unauthenticated attackers to modify plugin settings, delete posts, modify post titles, and upload images.
Affected versions: max 3.30.
Status: vulnerable

Visual Website Collaboration, Feedback & Project Management – Atarim # bbe69f8fc5d39676b07cb8a8e98e16d8826d1086

CVE, Research URL: bbe69f8fc5d39676b07cb8a8e98e16d8826d1086
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Jul 07, 2023
Research Description: Visual Website Collaboration, Feedback & Project Management – Atarim [atarim-visual-collaboration] < 3.9.2 Atarim - Client Interface <= 3.9.1 - Missing Authorization via AJAX actions The Atarim - Client Interface plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the avc_send_invitations and avc_delete_invitations functions in versions up to, and including, 3.9.1. This makes it possible for unauthenticated attackers to delete arbitrary accounts (and the content they created) on the site. The creation of accounts is also possible although new accounts are limited to the default role or subscriber, whichever is higher.
Affected versions: max 3.9.2.
Status: vulnerable

Jul 02, 2024

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-37434

CVE, Research URL: CVE-2024-37434
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Jul 22, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atarim allows Stored XSS.This issue affects Atarim: from n/a through 3.31.
Affected versions: max 3.32.
Status: vulnerable

Aug 12, 2024

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-7621

CVE, Research URL: CVE-2024-7621
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Aug 12, 2024
Research Description: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the process_wpfeedback_misc_options() function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugins settings which can also be leveraged to gain access to the plugin's settings.
Affected versions: max 4.0.3.
Status: vulnerable

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-38771

CVE, Research URL: CVE-2024-38771
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Nov 01, 2024
Research Description: Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.
Affected versions: max 4.0.1.
Status: vulnerable

Aug 20, 2024

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-43290

CVE, Research URL: CVE-2024-43290
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Nov 01, 2024
Research Description: Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.1.
Affected versions: max 4.0.2.
Status: vulnerable

Jan 22, 2025

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-12104

CVE, Research URL: CVE-2024-12104
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Jan 21, 2025
Research Description: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wpf_delete_file functions in all versions up to, and including, 4.0.9. This makes it possible for unauthenticated attackers to delete project pages and files.
Affected versions: max 4.1.0.
Status: vulnerable

Jan 26, 2025

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2025-24570

CVE, Research URL: CVE-2025-24570
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Jan 24, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atarim Atarim allows Stored XSS. This issue affects Atarim: from n/a through 4.0.8.
Affected versions: max 4.0.9.
Status: vulnerable

Feb 21, 2025

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2025-22657

CVE, Research URL: CVE-2025-22657
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Feb 19, 2025
Research Description: Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Atarim: from n/a through 4.0.9.
Affected versions: max 4.1.0.
Status: vulnerable

Feb 26, 2025

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2025-26993

CVE, Research URL: CVE-2025-26993
Home page URL: Security reports for Visual Website Collaboration, Feedback & Project Management – Atarim
Application: Visual Website Collaboration, Feedback & Project Management – Atarim
Date: Feb 25, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim allows Reflected XSS. This issue affects Atarim: from n/a through 4.1.0.
Affected versions: max 4.1.1.
Status: vulnerable

Vulnerabilities and security researches foratarim-visual-collaboration atarim-visual-collaboration

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2023-47544

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-2793

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2023-37393

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-2038

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # bbe69f8fc5d39676b07cb8a8e98e16d8826d1086

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-37434

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-7621

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-38771

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-43290

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2024-12104

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2025-24570

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2025-22657

Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim # CVE-2025-26993

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2023-47544

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-2793

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2023-37393

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-2038

Visual Website Collaboration, Feedback & Project Management – Atarim # bbe69f8fc5d39676b07cb8a8e98e16d8826d1086

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-37434

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-7621

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-38771

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-43290

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2024-12104

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2025-24570

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2025-22657

Visual Website Collaboration, Feedback & Project Management – Atarim # CVE-2025-26993